<?xml version="1.0" encoding="utf-8"?>
<rss xmlns:atom="http://www.w3.org/2005/Atom" version="2.0">
    <channel>
        <title>SecFeed</title>
        <link>https://www.xs4all.nl/klant/veiligheid/security.php</link>
        <description>Security Feed van XS4ALL Internet B.V.</description>
        <generator>Feeder 2.1.1(1315); Mac OS X Version 10.6.3 (Build 10D573) http://reinventedsoftware.com/feeder/</generator>
        <docs>http://blogs.law.harvard.edu/tech/rss</docs>
        <language>en</language>
        <copyright>XS4ALL Internet B.V.</copyright>
        <webMaster>webmaster@xs4all.nl</webMaster>
        <pubDate>Thu, 03 Jun 2010 10:23:51 +0200</pubDate>
        <lastBuildDate>Thu, 03 Jun 2010 10:23:51 +0200</lastBuildDate>
        <atom:link href="https://www.xs4all.nl/klant/veiligheid/SecFeed.xml" rel="self" type="application/rss+xml"/>
        <item>
            <title>Don't forget to check Twitter</title>
            <description><![CDATA[<p>As you've probably noticed, there haven't been many postings here of late - and for that I apologise.  The fast paced nature of the security world on the Internet means that it's been easier to keep you informed of various happenings on the Twitter feed I set up at <a href="https://twitter.com/xs4cso">https://twitter.com/xs4cso</a></p>

<p>Don't give up on this page though, as there will be some updates soon.  I'm working on a piece discussing Mebroot and Torpig and why it's been such a pain for people to get rid of.</p>]]></description>
            <pubDate>Thu, 03 Jun 2010 10:23:44 +0200</pubDate>
            <guid isPermaLink="false">dont-forget-to-check-twitter</guid>
        </item>
        <item>
            <title>Understanding credential theft.</title>
            <description><![CDATA[<p>Someone who follows <a href="https://twitter.com/xs4cso">my twitter feed</a> asked about credential theft, and Twitter doesn't really let you give a full or complete answer.  140 characters to discuss the latest trends on this topic just isn't enough.  So here's a bit more information.</p>

<p>For some time, online criminals have found value in "your" information.  They want whatever they can get from you, including your usernames and passwords.  Each access credential combination (username + password) has real value to the underground economy.  Think of things like Paypal account passwords, or online banking, or even passwords you use to upload and maintain your websites.</p>

<p>How do they get your credentials?  Simple:</p>

<ul>
<li>Malware - Keyboard loggers and password stealers come in all shapes and sizes, for a variety of operating systems (but for now, mostly Windows)</li>

<li>Brute force attack - Slow but effective.  If you have a poorly chosen password, like "geheim", then this would be trivial for bad guys to guess.</li>

<li>Harvesting from other sites - SQL injections, XSS, CSRF and a variety of other techniques make it easy for the attackers to get access to the credentials for everyone who uses a particular online service</li>
</ul>

<p>Let's say there's a social networking website called FriendFace and you sign up to use it because some friends use it.  Like many online services, FriendFace wants you to sign up with your email address as your username at FriendFace.  They do this so you can be sent spam, erm, marketing material, and verify you're a real person, etc.</p>

<p>But remembering a unique password for every site you visit isn't easy, so many people will just re-use the same password for that email account, rather than thinking up a new one.  The bad guys know this and take advantage of it.</p>

<p>If the bad guys hack the FriendFace system because of an insecurity in the software they run, then they will have your FriendFace username and password, which you possibly use at other sites.  They can then try it out wherever they think you may use it and do all sorts of bad stuff in your name. </p>

<p>So, think to yourself: Where do <b>YOU</b> re-use the same username and password combination?  </p>

<p>If you use a Macintosh, consider <a href="http://agilewebsolutions.com/products/1Password">1Password</a> as a way to manage your passwords securely and efficiently.  There are Windows equivalents out there too, I'm sure, and, assuming you don't have a keyboard logging trojan on your system, they can be quite effective.</p>

<p>One other thing: At the moment there are a few botnets which use stolen FTP credentials in order to modify websites and insert malicious JavaScript, iframes, or redirects.  There has been a sharp increase in these sorts of attacks in the last few weeks and it's one of the leading causes of so-called "drive by download" based attacks.  Malicious code on websites leads to the site being blacklisted by popular web browsers (Firefox, Safari, Chrome, Internet Explorer 8, etc) and of course has a negative PR impact on the site owner, so be aware!</p>]]></description>
            <pubDate>Sun, 21 Feb 2010 15:30:55 +0100</pubDate>
            <guid isPermaLink="false">understanding-credential-theft</guid>
        </item>
        <item>
            <title>Shorter announcements - Twitter</title>
            <description><![CDATA[<p>As an experiment I've set up a Twitter feed which you can follow at <a href="https://twitter.com/xs4cso">https://twitter.com/xs4cso</a> that will have shorter bits of information about important security (and privacy) issues which may affect XS4ALL customers.  </p>

<p>This web page is meant to have longer explanations, greater background, and more details.  The Twitter feed is just an experiment at this point; if you like it, be sure to comment to @xs4cso with your feedback and suggestions.</p>]]></description>
            <pubDate>Fri, 19 Feb 2010 07:44:11 +0100</pubDate>
            <guid isPermaLink="false">shorter-announcements-twitter</guid>
        </item>
        <item>
            <title>More iPhone worms?</title>
            <description><![CDATA[We're seeing some evidence that the various updates to the iPhone worm mentioned last year are continuing to let it live on.  It was quiet for a while, but new life has been breathed into it and if it is indeed an update/new variant, it shows just how important it is to secure your device!]]></description>
            <pubDate>Fri, 22 Jan 2010 14:42:42 +0100</pubDate>
            <guid isPermaLink="false">more-iphone-worms</guid>
        </item>
        <item>
            <title>Browser bingo</title>
            <description><![CDATA[<p>Over the last few weeks there has been a lot of publicity given to which web browser is the most secure.  The French and German governments have even come out with warnings to caution people against using Microsoft's Internet Explorer, especially older versions such as IE6 or IE7.</p>

<p>The choice of which web browser to use is not an easy one to make.  Many people have corporate IT policies which control which version they can use, and require ancient and insecure Explorer versions to support internal web-applications.  </p>

<p>Unfortunately, website programmers have an even more difficult task, trying to make a site look and feel the same under all the different browsers out there.</p>

<p>At the moment, the vast majority of web-based targeted attacks are directed against Internet Explorer.  That makes sense, because it has a very large market share, and the Bad Guys want to hit as many people as they can with their exploits and attacks.  </p>

<p>If you can consider running an alternative browser, such as <a href="http://www.apple.com/safari/">Apple's Safari</a> (Mac/PC) or <a href="http://www.mozilla.com/products/download.html">Firefox</a> (Mac/PC/Linux) or even <a href="http://www.google.com/chrome">Google's Chrome</a> (Mac beta/PC) you should do so.</p>

<p>If you are stuck using IE6 or similar for policy reasons, try to work with your IT department to encourage them to support an alternative browser for public Internet use, but maintain IE6/IE7 only for internal applications that really need it.</p>

<p>If you really care about security, there are extra plugins and extensions out there to help.</p>

<p>As always, make sure you keep up to date with patches and updates, including to plugins such as Flash and PDF readers!</p>]]></description>
            <pubDate>Thu, 21 Jan 2010 09:13:41 +0100</pubDate>
            <guid isPermaLink="false">browser-bingo</guid>
        </item>
        <item>
            <title>Norwegian Blue.</title>
            <description><![CDATA[<p>Update:  The iPhone botnet is still alive and well as of the time of this update.  There are a few update mechanisms and there was more than one variation out there.  The highly publicised controller may well be offline, but there were backups so the risk is still there.</p>

<p>We're still seeing signs of activity by infected systems (well over 150 so far) -- our advice remains the same:  If you're infected, do a full system restore from Apple's software.  </p>

<p>Avoid jailbreaking unless you really think you understand the risks, and be aware that iPhones and iPod Touches can both be vulnerable if they're jailbroken and did not plug the hole used by this botnet!</p>]]></description>
            <pubDate>Tue, 24 Nov 2009 19:29:14 +0100</pubDate>
            <guid isPermaLink="false">norwegian-blue</guid>
        </item>
        <item>
            <title>A busy few days!</title>
            <description><![CDATA[<p>The iPhone worm that I discovered last week has made quite a few headlines.  Unfortunately, a number of anti-virus firms falsely took credit for the "discovery" which was a shame, but they likely wouldn't have known a thing if XS4ALL didn't tell them.</p>

<p>The good news is that the primary controller for the iPhone botnet seems to have been de-activated.  Infected phones are still infected, still attempting to spread the malware, but their ability to phone-home and receive new commands is, for now, stopped.  </p>

<p>This worm was merely a sign of things to come.  The smarter that devices get, the more valuable the information on them, and the more interest they receive from the bad guys.  </p>

<p>Malware on mobile phones has so far been an extremely limited phenomenon for many reasons -- but smartphones and netbooks and of course laptops all represent a growing interest and risk.  Users of these technologies must be aware of these risks and take appropriate action.  Think carefully about the data on your mobile device and about who might be able to access it, both with and without your permission!</p>]]></description>
            <pubDate>Tue, 24 Nov 2009 08:01:55 +0100</pubDate>
            <guid isPermaLink="false">a-busy-few-days</guid>
        </item>
        <item>
            <title>Confirmed!  New iPhone worm.</title>
            <description><![CDATA[I've been able to verify my last posting here - there is definitely a new iPhone worm on the loose that attacks Jailbreakers.  It has the potential to access your private information and steal your SMS history, as well as phone home to the bad-guys for additional commands to run.]]></description>
            <pubDate>Fri, 20 Nov 2009 15:53:41 +0100</pubDate>
            <guid isPermaLink="false">confimred-new-iphone-worm</guid>
        </item>
        <item>
            <title>Jailbroken iPhone hacking.</title>
            <description><![CDATA[<p>As many of you may have read, during the last few weeks there have been a few highly publicised attacks against "jailbroken" iPhones.  </p>

<p>A "jailbroken" iPhone is an Apple iPhone which has been hacked with special software that lets the user install software which hasn't been approved, nor is supported, by Apple.  Unfortunately, the jailbreaking process is really meant for people with a technical understanding of the process, as well as the risks.  </p>

<p>One of the things that most of the jailbreaking tools do is install something known as OpenSSH, which is a programme that lets you remotely access your iPhone using the SSH protocol.</p>

<p>Normal iPhones from authorised resellers do not have this software, and by default there is no way to remotely access the phone.  Unfortunately, when you combine the jailbreaking process with a very insecure default password chosen by Apple, the result can be quite damaging to the security of your phone, as well as the privacy of your data.</p>

<p>For the past few days XS4ALL has seen what we believe is possibly a new version of the iPhone worms which have been in the news.  A number of customers with jailbroken phones have been found running unknown software on their phones which is trying to compromise other iPhone users at other telecommunications providers.  We're working with as many customers as possible to determine the exact malware responsible, but so far none of the known iPhone worms seems to be responsible.</p>

<p>XS4ALL strongly advises caution against jailbreaking if you are not fully aware of the potential risks to your privacy and security.  If you decide to do it anyway, make sure that you follow the instructions on the Internet about how to change the default password.</p>]]></description>
            <pubDate>Wed, 18 Nov 2009 15:31:52 +0100</pubDate>
            <guid isPermaLink="false">jailbroken-iphone-hacking</guid>
        </item>
    </channel>
</rss>
